package com.example.config;

import com.example.bean.User;
import com.example.service.UserService;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;

/**
 * @author 朝花不迟暮
 * @version 1.0
 * @date 2020/6/15 21:55
 */
@Slf4j
public class UserRealm extends AuthorizingRealm
{
    @Autowired
    UserService userService;

    //授权
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection)
    {
        log.info("------------------>执行了授权");
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
//        info.addStringPermission("user:add");

        // 从PrincipalCollection中获得用户信息
        Object principal = principalCollection.getPrimaryPrincipal();
        log.info("个人principal信息为：{}",principal.toString());

// 根据用户名来查询数据库赋予用户角色,权限（查数据库）
        /*Set<String> roles = new HashSet<>();
        Set<String> permissions = new HashSet<>();
        //		给用户添加user权限 (没有进行判断、对所有的用户给user权限)
        if("user".equals(principal)){
            roles.add("user");
            permissions.add("user:query");
        }
//		当用户名为admin时 为用户添加权限admin  两个admin可以理解为连个字段
        if ("root".equals(principal)) {
            roles.add("admin");
            permissions.add("admin:query");
        }
//		为用户添加visit游客权限，在url中没有为visit权限，所以，所有的操作都没权限
        if("visit".equals(principal)){
            roles.add("visit");
            permissions.add("visit:query");
        }
        info.setStringPermissions(permissions);*/

        //获取当前登录用户的信息
        Subject subject = SecurityUtils.getSubject();
        User currentUser = (User) subject.getPrincipal();
        info.addStringPermission(currentUser.getPerms());
        return info;
    }

    //认证
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException
    {
        log.info("------------------>执行了认证");

        //token里有用户名和密码，因为强转成了UsernamePasswordToken
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        char[] password = token.getPassword();
        String password1 = String.valueOf(password);
        log.info("{password}---->" + password1);
        User user = userService.queryUserByName(token.getUsername(), password1);
        log.info("{user}---->" + user.toString());
        //md5盐值加密
//        ByteSource bytes = ByteSource.Util.bytes(user.getUsername());
        if (user == null)
        {
            return null;
        }
        return new SimpleAuthenticationInfo(user, user.getPassword(), "");
//        return new SimpleAuthenticationInfo(user, user.getPassword(), bytes, "");
    }
}
